Release 1.4.3

• Migrate edicon from C to Ruby: replace edicon.exe with a pure-Ruby implementation (ed_icon.rb), fixing incorrect BeginUpdateResource error checking and wrong GroupIconSize calculation. Shortens build times and removes the C binary from the build.
• Include Gem.default_dir in GEM_PATH on all platforms: previously the exec_prefix gem directory was excluded on Windows, causing native-extension gems (e.g. fxruby/fox16) to fail at runtime with a LoadError even though they were bundled correctly.
• Add FXRuby (fox16) test: verify that native extension DLLs are bundled correctly so the packaged executable does not raise a LoadError at runtime.
• CI: start a virtual display (xpra + Xorg dummy driver with GLX) on Linux before running tests so FXRuby's X11 requirement is satisfied.
• CI: install XQuartz on macOS runners and add it to the portability test job so FXRuby can connect to a display on both test and portability jobs.

Release v1.4.2

v1.4.2 - OpenSSL auto-bundling and companion DLL scan

Fixes a class of bugs where executables using net/http for HTTPS would
fail at runtime with missing OpenSSL libraries, depending on whether an
actual HTTPS request happened to run during the OCRAN dependency scan.

Changes:
- Auto-load openssl during build when net/http is loaded but no HTTPS
  request was made during the scan. All transitive dependencies
  (openssl.rb, digest.so, etc.) are captured and bundled correctly.
- Companion DLL scan (Windows): when a native extension (.so) in the
  Ruby installation is loaded, all DLLs in the same archdir are
  proactively included. Fixes missing libssl-3-x64.dll,
  libcrypto-3-x64.dll, libwinpthread-1.dll, and libyaml-0-2.dll.
- Add return if defined?(Ocran) guards to test fixtures that have
  runtime-only side effects, so dependency detection is tested
  independently of whether the script runs cleanly during the scan.

Release 1.4.1

• Fix kernel_require.rb packed at wrong path when rubygems-update is installed (e.g. via asdf on Linux/macOS). kernel_require.rb is now located relative to the actually-loaded rubygems.rb from $LOADED_FEATURES, falling back to rubylibdir for standard Ruby installations.

Release 1.4.0

- Add Linux support: build and run self-extracting ELF executables on…

Release 1.3.18

What's New in 1.3.18

Now massively better tested.

🆕 New Feature

• Autodetect more Libraries - Many more libraries such as glimmer and even TK are automatically detected and included into the .exe
• IRB as .exe — IRB can now be shipped as a standalone .exe file
• Ruby 4.0 support — Full compatibility with Ruby 4.0
• Ruby 3.2+ support — Ruby 3.2 and above now fully supported; Ruby 3.0 and 3.1 are no longer supported
• Windows Authenticode signing — The stub now detects and skips PE security directory entries when searching for the OCRAN signature, enabling correct unpacking of signed executables. Build time also clears invalid security directory entries to allow subsequent signing
• Bundled cacert.pem — Included in the .exe to prevent SSL certificate verification failures
• Full UTF-16 Win32 API usage — system_utils.c now uses wide (W) variants throughout (CreateFileW, CreateDirectoryW, DeleteFileW, FindFirstFileW/FindNextFileW, RemoveDirectoryW, GetFileAttributesW, MoveFileExW, GetTempPathW, CreateProcessW) for correct handling of multibyte (UTF-8) paths

🐛 Bug Fixes

• SxS error 14001 — Fixed crash when loading native extensions (e.g. openssl.so, date_core.so). Companion *.so-assembly.manifest files in archdir are now included alongside their .so files; all files in ruby_builtin_dlls/ (DLLs and manifests) are now included
• GetModuleFileNameW buffer size — Fixed incorrect byte size being passed instead of character count in LibraryDetector
• Pointer underflow in stub unpacker — Fixed subtraction underflow when a tampered offset places head past tail
• Icon bounds checking — Added bounds checking for icon file entries in edicon to prevent out-of-bounds reads from malformed .ico files
• Duplicate MessageBox dialogs — Fixed issue where two dialogs appeared in GUI mode when a signature was not found

🔧 Stub Improvements

• Suppress user notifications during cleanup; errors are now logged to DEBUG output only
• No longer creates a marker file when the stub fails to delete the installation directory
• During cleanup, switches to a safer working directory before removing the extraction directory
• Error messages from the stub are now truncated to a fixed maximum length
• Extraction directory name now follows mkdtemp style, generated using secure random numbers
• Disabled path expansion of template characters for additional options passed to the script
• Working directory switch now uses Ruby's -C option

Release 1.3.17

What's new in 1.3.17

✅ Multibyte (UTF-8) support on Windows

OCRAN now fully supports multibyte filenames and directories—including Japanese, emoji, and other non-ASCII characters—on Windows platforms.
This is enabled by a UTF-8 manifest embedded in stub.exe, and requires Windows 10 version 1903 or later.

To ensure correct console I/O when running OCRAN-built executables, we recommend switching to UTF-8 code page using:

chcp 65001

🛠 Development environment improvements

• Added bin/setup (Bash and .bat) to automate dependency installation and stub compilation
• Added bin/console for interactive testing
• Introduced rake build as the unified entry point for building stubs
• Updated README with quick start instructions and Windows shell compatibility
• Improved gemspec packaging (spec.files) and clarified system requirements

Release 1.3.16

=== 1.3.16

• Support for Ruby 3.0 and above. Drop ruby 2.6 and 2.7 support.
• At startup, OCRAN no longer automatically removes directories that were previously deployed but couldn't be deleted. This change has been made to enhance security by preventing processes other than the startup process from manipulating temporary files created by them.
• The ability for the stub to launch any script during the unpacking of application files has been removed. This feature was not in use.
• The exit code from the Ruby application is now returned when the stub is terminated.
• The packed data no longer contains redundant directory information.
• Fixed errors in the --debug option.
• Upgraded LZMA decoder to version 22.01
• The directory generation for file extraction has been changed to use unique directory names created with high-resolution timestamps. Additionally, a retry limit for directory creation has been introduced, reducing the risk of infinite loops due to name collisions.
• Implemented variable-length buffer handling for path strings in stub, eliminating the risk of buffer overruns dependent on MAX_PATH.
• In order to reduce security risks during the cleanup process before application termination, we have implemented a safe current directory change from the system directory and the root of the C drive to the user's temporary directory and the directory of the app executable.
• The 'stub' executable has been enhanced for security, ensuring it prevents directory traversal attacks by verifying that path elements do not contain relative notations like '.' or '..'.
• Removed OcranBuilder and split functionality into StubBuilder and InnoSetupBuilder to introduce delayed loading and improve resource efficiency.
• InnoSetup installer now operates independently of stub, launching through its own batch file.
• Moved LibraryDetector to a separate file for modularity and implemented delayed loading with standardized Fiddle usage.
• Update Bundler from 2.4.13 to 2.5.10.
• Fixed issue where the gem.build_complete file was not included in the package due to an incorrect change.
• Changed error output from standard output to standard error (stderr).
• ocransa (Ocran-stand-alone) has been discontinued.
• The implementation of bin/ocran.rb has been refactored and split into multiple files. These files have been relocated to the lib directory.

Release 1.3.15

=== 1.3.15

- Support for Ruby 2.6 and above.
- Properly display errors from InnoSetup.
- Fixed errors when creating an installer using InnoSetup. Previously, installer creation was not possible due to errors related to file sharing, which occurred only on Windows.
- Retrieve the path of runtime DLLs even when the path is long. Note that stubs still do not support long paths, so creating executable files with long paths is not yet possible.
- Fixed bugs in tests. All tests can now be executed.
- Improved the speed of manifest file discovery. This manifest file is only required in the RubyInstaller environment.
- Fixed bugs in the regular expressions of GEM_EXTRA_RE. This allows excluding C source files, etc., from the ocran executable package based on command options.
- Added methods to Ocran::Pathname, making it closer to the implementation of Ruby's Pathname.
- Reimplemented certain parts to match the implementation of Ruby 2.6 era, for compatibility with older Ruby versions. Therefore, the ocran command cannot be executed on Ruby versions earlier than 2.6.

Release 1.3.14

Merge pull request #3 from ccorn90/ccorn90/rubyopt

Add option to suppress or override RUBYOPT environment variable

Release 1.3.13

- Fixed the bug why Innosetup did not run because of missing encode m…